Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/aiBBZQvBm_ezQ9IV3c2lDLI945E.roa
File: aiBBZQvBm_ezQ9IV3c2lDLI945E.roa (raw, json)
Hash identifier: dX/OaCjpECX9Kc5cKHprmEzykjsynGhKkt+yE74JRKA=
Subject key identifier: 6A:20:41:65:0B:C1:9B:F7:B3:43:D2:15:DD:CD:A5:0C:B2:3D:E3:91
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 0185BEB6B04D1E30E1E20B46B843D3C0A986
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/aiBBZQvBm_ezQ9IV3c2lDLI945E.roa
Signing time: Tue 17 Jan 2023 07:52:01 +0000
ROA not before: Tue 17 Jan 2023 07:52:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 89.19.42.0/23 maxlen: 32
83.229.76.0/22 maxlen: 32
119.13.192.0/20 maxlen: 32
93.114.10.0/23 maxlen: 32
45.142.92.0/22 maxlen: 32
209.20.176.0/21 maxlen: 32
93.180.192.0/20 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:be:b6:b0:4d:1e:30:e1:e2:0b:46:b8:43:d3:c0:a9:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Jan 17 07:52:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a2041650bc19bf7b343d215ddcda50cb23de391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:19:57:7e:3f:b0:7a:77:f7:99:e5:f0:a0:90:
64:5d:14:90:13:52:5c:b1:3e:8d:c7:07:0c:bd:b8:
c4:81:58:84:d1:ac:d2:52:ec:86:f4:5b:cf:49:14:
ed:89:d1:57:19:20:3e:fb:83:97:5d:14:0a:64:ad:
2f:35:73:f6:0c:e5:ad:e2:3e:60:c2:c1:23:8c:06:
ba:5a:7c:26:49:a9:d9:3e:8f:6d:3d:68:1a:bc:81:
19:a8:fe:47:69:9b:a5:e7:45:f4:e3:10:fa:32:9f:
cf:7b:96:dc:9d:43:b1:d0:8e:5e:0e:c6:b7:24:fe:
d0:bf:02:d8:83:19:0d:35:7f:a1:d7:ef:89:4f:77:
f7:8b:01:42:a5:55:f8:a6:a3:6f:d0:88:12:43:87:
f6:db:0e:c3:e2:bb:9c:93:5e:1a:2c:92:d3:fa:6a:
c7:8b:f1:cb:71:37:ff:e0:95:f6:4b:6f:0c:38:51:
2a:ef:0d:51:9a:6c:bc:07:9d:b2:14:33:85:4c:37:
94:a8:18:70:59:b9:b8:f2:50:c4:37:94:55:86:7b:
fe:ac:51:b2:f1:b7:b6:29:fb:12:d6:f2:3d:ac:60:
f3:52:1b:cf:bb:64:47:3a:35:e0:8d:ed:b0:72:bd:
55:11:d8:5f:20:b8:0f:d0:ab:d3:0b:0e:ec:37:a8:
32:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:20:41:65:0B:C1:9B:F7:B3:43:D2:15:DD:CD:A5:0C:B2:3D:E3:91
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/aiBBZQvBm_ezQ9IV3c2lDLI945E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.92.0/22
83.229.76.0/22
89.19.42.0/23
93.114.10.0/23
93.180.192.0/20
119.13.192.0/20
209.20.176.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:1a:8e:1b:90:c3:34:ae:75:28:7c:3a:bd:28:d0:9d:d7:d4:
53:a1:b2:2d:67:97:e6:b9:9b:9a:1f:63:cb:48:98:69:ae:3f:
0f:20:6d:16:9f:6f:6d:5a:b3:32:99:3c:a4:1a:7f:37:78:21:
27:91:69:d3:38:f2:61:b0:34:df:df:fa:c6:40:e8:31:6c:a7:
3f:64:40:e4:32:a4:1b:90:7f:40:bc:53:94:bc:4f:ba:2a:04:
40:66:d8:4a:dd:6a:5c:f5:e9:51:b6:ac:95:1a:b4:d5:19:8d:
98:77:cd:81:7f:33:51:6c:41:6e:be:b6:be:0c:14:92:6d:42:
97:c4:bc:76:a9:52:ef:41:67:c1:55:a5:8e:6a:b9:e5:a4:34:
eb:cc:0e:3f:41:57:c2:78:6c:22:9c:08:a1:25:02:a3:3c:09:
5f:df:59:d8:17:fa:fc:f8:25:de:fe:48:6d:05:1a:3b:26:6c:
81:73:78:8f:63:0e:74:d0:d8:48:56:7c:01:ce:10:47:a6:ff:
f5:e4:7d:92:8d:b9:65:11:f8:90:41:43:18:0f:73:a2:c2:7d:
9a:31:84:06:f2:47:0c:04:fb:cf:00:d8:19:12:6e:d1:76:40:
41:07:65:3d:e1:cf:5c:f0:1f:18:c7:68:16:a1:11:97:63:11:
51:c3:ac:7c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYW+trBNHjDh4gtGuEPTwKmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjMwMTE3MDc1MjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTIwNDE2NTBiYzE5YmY3YjM0M2QyMTVkZGNkYTUwY2IyM2RlMzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxlXfj+wenf3meXwoJBkXRSQE1Jc
sT6NxwcMvbjEgViE0azSUuyG9FvPSRTtidFXGSA++4OXXRQKZK0vNXP2DOWt4j5g
wsEjjAa6WnwmSanZPo9tPWgavIEZqP5HaZul50X04xD6Mp/Pe5bcnUOx0I5eDsa3
JP7QvwLYgxkNNX+h1++JT3f3iwFCpVX4pqNv0IgSQ4f22w7D4ruck14aLJLT+mrH
i/HLcTf/4JX2S28MOFEq7w1Rmmy8B52yFDOFTDeUqBhwWbm48lDEN5RVhnv+rFGy
8be2KfsS1vI9rGDzUhvPu2RHOjXgje2wcr1VEdhfILgP0KvTCw7sN6gyAQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGogQWULwZv3s0PSFd3NpQyyPeORMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvYWlCQlpRdkJtX2V6UTlJVjNjMmxETEk5NDVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLY5cAwQC
U+VMAwQBWRMqAwQBXXIKAwQEXbTAAwQEdw3AAwQD0RSwMA0GCSqGSIb3DQEBCwUA
A4IBAQA/Go4bkMM0rnUofDq9KNCd19RTobItZ5fmuZuaH2PLSJhprj8PIG0Wn29t
WrMymTykGn83eCEnkWnTOPJhsDTf3/rGQOgxbKc/ZEDkMqQbkH9AvFOUvE+6KgRA
ZthK3Wpc9elRtqyVGrTVGY2Yd82BfzNRbEFuvra+DBSSbUKXxLx2qVLvQWfBVaWO
arnlpDTrzA4/QVfCeGwinAihJQKjPAlf31nYF/r8+CXe/khtBRo7JmyBc3iPYw50
0NhIVnwBzhBHpv/15H2SjbllEfiQQUMYD3Oiwn2aMYQG8kcMBPvPANgZEm7RdkBB
B2U94c9c8B8Yx2gWoRGXYxFRw6x8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org